Netgate Discussion Forum

    Creating Access to Just Web Ports and Management Console

      Guest

      Alright, I'm running a very simple home setup (a few computers, a few iPhones, iPads, Xboxes, etc.)

      I want to allow access for everyone just to main ports (80, 443) and for just my devices to the admin management interface.

      Will the below screenshot show this correctly or am I going to run into problems? (Assume the aliases are correct)

      I also edited out the part where it allows all on the LAN.

      Image edited per root2020's comment

        root2020

        Wouldn't you put Alldevices & AdminDevices under the source column? Unless the Destinations "Alldevices" are aliases for IPs for domains like google, microsoft, mydomain or your firewall LAN IP.

          Guest

          Yes, sorry, I'll fix that real quick.

            root2020

            Interpretation of your two firewall rules, this is what will happen:
            Rule#1: All your devices will be able to connect to port 443 and 80 on your firewall and every other server on the internet. They will not be able to connect to DNS on port 53 to look up domain to IP, so no internet.
            Rule#2: All your Admin Devices will be able to connect to your admin ports on your firewall and 443 and 80 to websites on the internet. Probably the same issue with DNS as in Rule#2.

            You probably want to set it up like the guide shows.
            http://doc.pfsense.org/index.php/Restrict_access_to_management_interface

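The behaviour root2020 describes, as an added example that is not part of the original thread: a small first-match, default-deny rule evaluator run over the two rules as he reads them, next to one possible corrected ordering. The addresses, alias members, admin ports (22 and 443), the destination of rule 2, the use of the firewall as DNS resolver and the corrected rule order are all assumptions made for illustration; only the alias names Alldevices and AdminDevices come from the thread.

```python
"""First-match LAN rule evaluation, modelled on root2020's reading (constructed data)."""
from dataclasses import dataclass

# Assumed values, not taken from the thread.
FIREWALL = "192.168.1.1"            # firewall LAN address, also the clients' DNS server
INTERNET = "203.0.113.5"            # constructed web server address (TEST-NET-3)
ALIASES = {
    "Alldevices": {"192.168.1.10", "192.168.1.20", "192.168.1.30"},
    "AdminDevices": {"192.168.1.10"},
}
WEB = {("tcp", 80), ("tcp", 443)}
ADMIN = {("tcp", 22), ("tcp", 443)}  # assumed management ports
DNS = {("tcp", 53), ("udp", 53)}

@dataclass
class Rule:
    action: str     # "pass" or "block"
    source: str     # alias name
    dest: str       # "any" or one IP address
    services: set   # set of (protocol, port) pairs

def evaluate(rules, src, dst, proto, port):
    """Return the action of the first matching rule; no match is the default deny."""
    for r in rules:
        if (src in ALIASES[r.source] and r.dest in ("any", dst)
                and (proto, port) in r.services):
            return r.action
    return "block"

# The two rules as interpreted in the reply above (sources fixed to the aliases).
DESCRIBED = [
    Rule("pass", "Alldevices", "any", WEB),
    Rule("pass", "AdminDevices", "any", ADMIN),
]

# One possible correction: admin access first, then block management for the rest,
# then allow DNS to the firewall and web traffic out.
CORRECTED = [
    Rule("pass", "AdminDevices", FIREWALL, ADMIN),
    Rule("block", "Alldevices", FIREWALL, ADMIN | WEB),
    Rule("pass", "Alldevices", FIREWALL, DNS),
    Rule("pass", "Alldevices", "any", WEB),
]

if __name__ == "__main__":
    probes = [("192.168.1.20", FIREWALL, "udp", 53), ("192.168.1.20", FIREWALL, "tcp", 443),
              ("192.168.1.10", FIREWALL, "tcp", 443), ("192.168.1.20", INTERNET, "tcp", 443)]
    for p in probes:
        print(p, "described:", evaluate(DESCRIBED, *p), "corrected:", evaluate(CORRECTED, *p))
```

With the described rules the non-admin device at 192.168.1.20 is refused DNS but reaches port 443 on the firewall itself; the corrected ordering reverses both outcomes.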